Amendments to the Claims

Claim 1 (previously presented): A computer program product embodied on one or more computer-readable media, for establishing a secure connection between a client application and a server application using pre-existing message types, said computer program product comprising:
computer-readable program code means for piggy-backing a request for a message encoding scheme proposal onto a first message sent from said client application to said server application, wherein said first message uses a first pre-existing message type;
computer-readable program code means for piggy-backing a first portion of security information onto a second message sent from said server application to said client application, wherein said second message uses a second pre-existing message type and wherein said first portion comprises a response to said request for a message encoding scheme;
computer-readable program code means for piggy-backing a second portion of security information onto a third message sent from said client application to said server application, wherein said third message uses said first pre-existing message type; and
computer-readable program code means for piggy-backing a third portion of security information onto a fourth message sent from said server application to said client application, wherein said fourth message uses a third pre-existing message type.

Claim 2 (previously presented): The computer program product according to Claim 1, wherein said first pre-existing message type is a HyperText Transfer Protocol (HTTP) GET request message, said second pre-existing message type is an HTTP REDIRECT message, and said third pre-existing message type is a response to said HTTP GET request message.

Claim 3 (previously presented): The computer program product according to Claim 1, wherein said first pre-existing message type is a HyperText Transfer Protocol (HTTP) POST request message, said second pre-existing message type is an HTTP REDIRECT message, and said third pre-existing message type is a response to said HTTP POST request message.

Claim 4 (previously presented): The computer program product according to Claim 1, wherein said first pre-existing message type is a Wireless Session Protocol (WSP) GET request message, said second pre-existing message type is a WSP REDIRECT message, and said third pre-existing message type is a response to said WSP GET request message.

Claim 5 (previously presented): The computer program product according to Claim 1, wherein said first pre-existing message type is a Wireless Session Protocol (WSP) POST request message, said second pre-existing message type is a WSP REDIRECT message, and said third pre-existing message type is a response to said WSP POST request message.

Claim 6 (original): The computer program product according to Claim 1, wherein:
said first message requests a secure page from said server application, wherein said secure page request further comprises an identifier of said secure page;
said second message sends a redirection message from said server application to said client application, wherein said redirection message comprises a redirected identifier of said secure page;
said third message sends a subsequent request for said secure page from said server application in response to said redirection message, wherein said subsequent request further comprises said redirected identifier of said secure page; and
said fourth message sends a response to said subsequent secure page request to said client application, wherein said response further comprises a content portion encrypted using a session key generated by said server application.

Claim 7 (original): The computer program product according to Claim 6, wherein:
said first portion further comprises a security certificate of said server application;
said second portion further comprises a set of information encrypted using a public key of said server application; and
said third portion further comprises a nonce of said server application, encrypted using a public key of said client application.

Claim 8 (original): The computer program product according to Claim 6, wherein:
said first portion further comprises an identification of said server application;
said second portion further comprises a set of information encrypted using a public key of said server application; and
said third portion further comprises a nonce of said server application, encrypted using a public key of said client application.

Claim 9 (original): The computer program product according to Claim 7 or Claim 8, wherein said request for a message encoding scheme further comprises a keyword indicating said request.

Claim 10 (original): The computer program product according to Claim 9, wherein said set of information comprises: zero or more parameters required for said secure page request; an identification of said client application; a client nonce; and optionally including a timestamp.

Claim 11 (previously presented): The computer program product according to Claim 6, wherein said redirected identifier of said secure page is identical to said identifier of said secure page.

Claim 12 (original): The computer program product according to Claim 1, wherein:
said first message requests a secure page from said server application, wherein said request further comprises an identifier of said secure page;
said second message sends an authentication message from said server application to said client application;
said third message sends a subsequent request for said secure page from said server application in response to said authentication message; and
said fourth message sends a response to said subsequent secure page request to said client application, wherein said response further comprises a content portion encrypted using a session key generated by said server application.

Claim 13 (original): The computer program product according to Claim 12, wherein said authentication message comprises a redirected identifier of said secure page, and wherein said subsequent request further comprises said redirected identifier of said secure page.

Claim 14 (previously presented): A system for establishing a secure connection between a client application and a server application using pre-existing message types, said system comprising:
means for piggy-backing a request for a message encoding scheme proposal onto a first message sent from said client application to said server application, wherein said first message uses a first pre-existing message type;
means for piggy-backing a first portion of security information onto a second message sent from said server application to said client application, wherein said second message uses a second pre-existing message type and wherein said first portion comprises a response to said request for a message encoding scheme;
means for piggy-backing a second portion of security information onto a third message sent from said client application to said server application, wherein said third message uses said first pre-existing message type; and
means for piggy-backing a third portion of security information onto a fourth message sent from said server application to said client application, wherein said fourth message uses a third pre-existing message type.

Claim 15 (previously presented): The system according to Claim 14, wherein said first pre-existing message type is a HyperText Transfer Protocol (HTTP) GET request message, said second pre-existing message type is an HTTP www-Authenticate message header, and said third pre-existing message type is a response to said HTTP GET request message.

Claim 16 (previously presented): The system according to Claim 14, wherein said first pre-existing message type is a HyperText Transfer Protocol (HTTP) POST request message, said second pre-existing message type is an HTTP www-Authenticate message header, and said third pre-existing message type is a response to said HTTP POST request message.

Claim 17 (previously presented): The system according to Claim 14, wherein said first pre-existing message type is a Wireless Session Protocol (WSP) GET request message, said second pre-existing message type is a WSP www-Authenticate message header, and said third pre-existing message type is a response to said WSP GET request message.

Claim 18 (previously presented): The system according to Claim 14, wherein said first pre-existing message type is a Wireless Session Protocol (WSP) POST request message, said second pre-existing message type is a WSP www-Authenticate message header, and said third pre-existing message type is a response to said WSP POST request message.

Claim 19 (original): The system according to Claim 14, wherein:
said first message requests a secure page from said server application, wherein said request further comprises an identifier of said secure page;
said second message sends an authentication message from said server application to said client application;
said third message sends a subsequent request for said secure page from said server application in response to said authentication message; and
said fourth message sends a response to said subsequent secure page request to said client application, wherein said response further comprises a content portion encrypted using a session key generated by said server application.

Serial No. 09/415,645 -9- Docket RSW9-99-084

Claim 20 (original): The system according to Claim 19, wherein said authentication message comprises a redirected identifier of said secure page, and wherein said subsequent request further comprises said redirected identifier of said secure page.

Claim 21 (original): The system according to Claim 19 or Claim 20, wherein:
said first portion further comprises a security certificate of said server application;
said second portion further comprises a set of information encrypted using a public key of said server application; and
said third portion further comprises a nonce of said server application, encrypted using a public key of said client application.

Claim 22 (original): The system according to Claim 19 or Claim 20, wherein:
said first portion further comprises an identification of said server application;
said second portion further comprises a set of information encrypted using a public key of said server application; and
said third portion further comprises a nonce of said server application, encrypted using a public key of said client application.

Claim 23 (original): The system according to Claim 20, wherein said request for a message encoding scheme further comprises a keyword indicating said request.

Claim 24 (original): The system according to Claim 23, wherein said set of information comprises: zero or more parameters required for said secure page request; an identification of said client application; a client nonce; and optionally including a timestamp.

Claim 25 (original): The system according to Claim 22, wherein said request for a message encoding scheme further comprises a keyword indicating said request and wherein said set of information comprises: zero or more parameters required for said secure page request; an identification of said client application; a client nonce; and optionally including a timestamp.

Claim 26 (previously presented): The system according to Claim 20, wherein said redirected identifier of said secure page is identical to said identifier of said secure page.

Claim 27 (original): The system according to Claim 14, wherein:
said first message requests a secure page from said server application, wherein said request further comprises an identifier of said secure page;
said second message sends a redirection message from said server application to said client application, wherein said redirection message comprises a redirected identifier of said secure page;
said third message sends a subsequent request for said secure page from said server application in response to said redirection message, wherein said subsequent request further comprises said redirected identifier of said secure page; and
said fourth message sends a response to said subsequent secure page request to said client application, wherein said response further comprises a content portion encrypted using a session key generated by said server application.

Claim 28 (previously presented): A method for establishing a secure connection between a client application and a server application using pre-existing message types, said method comprising the steps of:
piggy-backing a request for a message encoding scheme proposal onto a first message sent from said client application to said server application, wherein said first message uses a first pre-existing message type;
piggy-backing a first portion of security information onto a second message sent from said server application to said client application, wherein said second message uses a second pre-existing message type and wherein said first portion comprises a response to said request for a message encoding scheme;
piggy-backing a second portion of security information onto a third message sent from said client application to said server application, wherein said third message uses said first pre-existing message type; and
piggy-backing a third portion of security information onto a fourth message sent from said server application to said client application, wherein said fourth message uses a third pre-existing message type.

Claim 29 (previously presented): The method according to Claim 28, wherein said first pre-existing message type is a HyperText Transfer Protocol (HTTP) GET request message, said second pre-existing message type is an HTTP www-Authenticate message header, and said third pre-existing message type is a response to said HTTP GET request message.

Claim 30 (previously presented): The method according to Claim 28, wherein said first pre-existing message type is a HyperText Transfer Protocol (HTTP) POST request message, said second pre-existing message type is an HTTP www-Authenticate message header, and said third pre-existing message type is a response to said HTTP POST request message.

Claim 31 (previously presented): The method according to Claim 28, wherein said first pre-existing message type is a Wireless Session Protocol (WSP) GET request message, said second pre-existing message type is a WSP www-Authenticate message header, and said third pre-existing message type is a response to said WSP GET request message.

Claim 32 (previously presented): The method according to Claim 28, wherein said first pre-existing message type is a Wireless Session Protocol (WSP) POST request message, said second pre-existing message type is a WSP www-Authenticate message header, and said third pre-existing message type is a response to said WSP POST request message.






08/11/2005 23:10 4073437587 






Claim 33 (original): The method according to Claim 28, wherein:
said first message requests a secure page from said server application, wherein said request further comprises an identifier of said secure page;
said second message sends an authentication message from said server application to said client application;
said third message sends a subsequent request for said secure page from said server application in response to said authentication message; and
said fourth message sends a response to said subsequent secure page request to said client application, wherein said response further comprises a content portion encrypted using a session key generated by said server application.

Claim 34 (original): The method according to Claim 33, wherein said authentication message comprises a redirected identifier of said secure page, and wherein said subsequent request further comprises said redirected identifier of said secure page.

Claim 35 (original): The method according to Claim 33 or Claim 34, wherein:
said first portion further comprises a security certificate of said server application;
said second portion further comprises a set of information encrypted using a public key of said server application; and
said third portion further comprises a nonce of said server application, encrypted using a public key of said client application.

Claim 36 (original): The method according to Claim 33 or Claim 34, wherein:
said first portion further comprises an identification of said server application;
said second portion further comprises a set of information encrypted using a public key of said server application; and
said third portion further comprises a nonce of said server application, encrypted using a public key of said client application.

Claim 37 (original): The method according to Claim 34, wherein said request for a message encoding scheme further comprises a keyword indicating said request.

Claim 38 (original): The method according to Claim 37, wherein said set of information comprises: zero or more parameters required for said secure page request; an identification of said client application; a client nonce; and optionally including a timestamp.

Claim 39 (original): The method according to Claim 36, wherein said request for a message encoding scheme further comprises a keyword indicating said request and wherein said set of information comprises: zero or more parameters required for said secure page request; an identification of said client application; a client nonce; and optionally including a timestamp.

Claim 40 (previously presented): The method according to Claim 34, wherein said redirected identifier of said secure page is identical to said identifier of said secure page.

Claim 41 (original): The method according to Claim 28, wherein:
said first message requests a secure page from said server application, wherein said request further comprises an identifier of said secure page;
said second message sends a redirection message from said server application to said client application, wherein said redirection message comprises a redirected identifier of said secure page;
said third message sends a subsequent request for said secure page from said server application in response to said redirection message, wherein said subsequent request further comprises said redirected identifier of said secure page; and
said fourth message sends a response to said subsequent secure page request to said client application, wherein said response further comprises a content portion encrypted using a session key generated by said server application.

Claim 42 (currently amended): A method for establishing a secure connection between a client application and a server application using pre-existing message types, said method comprising the steps of:
piggy-backing a request for said server application to select a message encoding scheme onto a [[first message]] content request sent from said client application to said server application, wherein said [[first message]] content request uses a first pre-existing message type to request content from, or deliver content to, said server application;
selecting, by said server application without using information from, or pre-arranged with, said client application, a message encoding scheme, responsive to said content request;
using, by said server application, said selected message encoding scheme to encrypt security-sensitive content for sending to said client application, responsive to said content request; and
piggy-backing [[a first portion of]] security information onto a [[second message]] content response sent from said server application to said client application, wherein said [[second message]] content response uses a second pre-existing message type and responds to said [[first message]] content request by sending said encrypted security-sensitive content, wherein said piggy-backed security information [[security-sensitive content is encrypted using a server-application-selected message encoding scheme that is thereby proposed to said client application and said first portion]] enables said client application to determine said selected message encoding scheme, such that said client can then decrypt said security-sensitive content.

Claim 43 (previously presented): The method according to Claim 42, wherein said first pre-existing message type is a HyperText Transfer Protocol (HTTP) GET request message and said second pre-existing message type is a response to said HTTP GET request message.

Claim 44 (previously presented): The method according to Claim 42, wherein said first pre-existing message type is a HyperText Transfer Protocol (HTTP) POST request message and said second pre-existing message type is a response to said HTTP POST request message.

Claim 45 (previously presented): The method according to Claim 42, wherein said first pre-existing message type is a Wireless Session Protocol (WSP) GET request message and said second pre-existing message type is a response to said WSP GET request message.

Claim 46 (previously presented): The method according to Claim 42, wherein said first pre-existing message type is a Wireless Session Protocol (WSP) POST request message and said second pre-existing message type is a response to said WSP POST request message.

Claim 47 (currently amended): The method according to Claim 42, wherein:
said [[first message]] content request requests said security-sensitive content from said server application, wherein said request further comprises an identifier with which said security-sensitive content can be located;
said security-sensitive content in said [[second message]] content response is encrypted using a session key generated by said server application; and
said [[first portion]] security information secures said session key while enabling said client application to securely recover said session key.

Claim 48 (currently amended): The method according to Claim 47, wherein:
said request to select a message encoding scheme further comprises an identifier of said client application, a nonce of said client application, and optionally includes a timestamp; and
said [[first portion]] security information is secured using a public key of said client [[server]] application.

Claim 49 (currently amended): The method according to Claim [[48]] 47, wherein said [[first portion]] security information further comprises:
a nonce of said server application, encrypted using a public key of said client application; and
a security certificate of said server application.

Claim 50 (currently amended): The method according to Claim 48 or Claim 49, wherein [[first message]] said content request further comprises zero or more parameters required for said server application to use when preparing said security-sensitive content.

Claim 51 (currently amended): A system for establishing a secure connection between a client application and a server application using pre-existing message types, said system comprising:
means for piggy-backing a request for said server application to select a message encoding scheme onto a [[first message]] content request sent from said client application to said server application, wherein said [[first message]] content request uses a first pre-existing message type to request content from, or deliver content to, said server application;
means for selecting, by said server application without using information from, or pre-arranged with, client application, a message encoding scheme, responsive to said content request;
means for using, by said server application, said selected message encoding scheme to encrypt security-sensitive content for sending to said client application, responsive to said content request; and
means for piggy-backing [[a first portion of]] security information onto a content response [[second message]] sent from said server application to said client application, wherein said content response [[second message]] uses a second pre-existing message type and responds to said content request [[first message]] by sending said encrypted security-sensitive content, wherein said piggy-backed security information [[security-sensitive content is encrypted using a server-application-selected message encoding scheme that is thereby proposed to said client application and said first portion]] enables said client application to determine said selected message encoding scheme, such that said client application can then decrypt said security-sensitive content.

Claim 52 (previously presented): The system according to Claim 51, wherein said first pre-existing message type is a HyperText Transfer Protocol (HTTP) GET request message and said second pre-existing message type is a response to said HTTP GET request message.

Claim 53 (previously presented): The system according to Claim 51, wherein said first pre-existing message type is a Wireless Session Protocol (WSP) GET request message and said second pre-existing message type is a response to said WSP GET request message.

Claim 54 (currently amended): The system according to Claim 51, wherein:
said [[first message]] content request requests said security-sensitive content from said server application, wherein said request further comprises an identifier with which said security-sensitive content can be located;
said security-sensitive content in said [[second message]] content response is encrypted using a session key generated by said server application; and
said [[first portion]] security information secures said session key while enabling said client application to securely recover said session key.

Claim 55 (currently amended): The system according to Claim 54, wherein:
said request to select a message encoding scheme further comprises an identifier of said client application, a nonce of said client application, and optionally includes a timestamp; and
said [[first portion]] security information is secured using a public key of said [[server]] client application.

Claim 56 (currently amended): The system according to Claim [[55]] wherein said [[first portion]] security information further comprises:
a nonce of said server application, encrypted using a public key of said client application; and
a security certificate of said server application.

Claim 57 (currently amended): The system according to Claim 55 or Claim 56, wherein [[first message]] said content request further comprises zero or more parameters required for said server application to use when preparing said security-sensitive content.

Claim 58 (currently amended): A computer program product embodied on one or more computer-readable media, for establishing a secure connection between a client application and a server application using pre-existing message types, said computer program product comprising:
computer-readable program code means for piggy-backing a request for said server application to select a message encoding scheme onto a content request [[first message]] sent from said client application to said server application, wherein said content request [[first message]] uses a first pre-existing message type to request content from, or deliver content to, said server application;
computer-readable program code means for selecting, by said server application without using information from, or pre-arranged with, said client application, a message encoding scheme, responsive to said content request;
computer-readable program code means for using, by said server application, said selected message encoding scheme to encrypt security-sensitive content for sending to said client application, responsive to said content request; and
computer-readable program code means for piggy-backing [[a first portion of]] security information onto a content response [[second message]] sent from said server application to said client application, wherein said content response [[second message]] uses a second pre-existing message type and responds to said [[first message]] content request by sending said encrypted security-sensitive content, wherein said piggy-backed security information [[security-sensitive content is encrypted using a server-application-selected message encoding scheme that is thereby proposed to said client application and said first portion]] enables said client application to determine said selected message encoding scheme, such that said client application can then decrypt said security-sensitive content.

Claim 59 (previously presented): The computer program product according to Claim 58, wherein said first pre-existing message type is a HyperText Transfer Protocol (HTTP) GET request message and said second pre-existing message type is a response to said HTTP GET request message.

Claim 60 (previously presented): The computer program product according to Claim 58, wherein said first pre-existing message type is a Wireless Session Protocol (WSP) GET request message and said second pre-existing message type is a response to said WSP GET request message.

Claim 61 (currently amended): The computer program product according to Claim 58, wherein:
said [[first message]] content request requests said security-sensitive content from said server application, wherein said request further comprises an identifier with which said security-sensitive content can be located;
said security-sensitive content in said [[second message]] content response is encrypted using a session key generated by said server application; and
said [[first portion]] security information secures said session key while enabling said client application to securely recover said session key.

1 Claim 62 (currently amended): The computer program product accordii« to Claim 6 1 , wherein: 

2 . said request to select a messs^e encoding scheme further comprises an identifier of said 

3 cUOTt application, a nonce ofsaid client ^plication, and optionally includes a timestamp; and 

4 fin i pi l l < in n sccuritv information is secured using a public key of said-server cligpl 

5 application. 
1 Claim 63 (currently amended): The computer program product according to Claim [[62]] 61, 

2 wherein said first portion security information further comprises: 

3 a nonce of said server application, encrypted using a public key of said client application; 

4 and 

5 a security certificate of said server application. 

1 Claim 64 (currently amended): The computer program product according to Claim 62 or Claim 

2 63, wherein first message said content request further comprises zero or more parameters 

3 required for said server application to use when preparing said security-sensitive content. 

1 Claim 65 (currently amended): A method for securely establishing a connection between a client 

2 application and a server application, further comprising steps of: 

3 sending, from the client application to the server application, a first message that uses a 

4 first pre-existing message type, wherein the first message requests information from the server 

5 application and includes a parameter portion, the parameter portion containing zero or more 

6 parameters that may be used by the server application in creating the requested information; 

7 selecting, by the server application responsive to receiving the first message, a message 

8 encoding scheme without using information from, or pre-arranged with, the client application; 

9 using, by the server application, the selected message encoding scheme to encrypt the 

10 requested information that responds to the first message, the requested information created using 

11 zero or more of the zero or more parameters; and 
12 sending, from the server application to the client application, a second message, 

13 responsive to receiving the first message, wherein: 

14 the second message uses a second pre-existing message type; 

15 the second message contains the encrypted requested information; and 

16 the second message has security information piggy-backed thereon, the piggy- 

17 backed security information enabling the client application to determine the selected message 

18 encoding scheme such that the client application can then decrypt the encrypted requested 

19 information, which has been created using zero or more of the zero or more parameters and 

20 which has been encrypted using a session key; 

21 the session key has been created using a server nonce; and 

22 the second message further contains the server nonce, encrypted using a public 

23 key of the client application. 

1 Claim 66 (currently amended): The method according to Claim 65, wherein a client-provided 

2 client nonce is also used when creating the session key, and wherein the client nonce is 

3 transmitted on the first message and is used with a server-provided nonce to create a session key 

4 for input to the selected message encoding scheme in the using step. 

1 Claim 67 (previously presented): A method for securely establishing a connection between a 

2 client application and a server application, further comprising steps of: 

3 sending, from the client application to the server application, a first message that uses a 

4 first pre-existing message type, wherein the first message requests information from the server 
5 application and signals the server application to propose an encoding scheme to be used for 

6 securely establishing the connection; 

7 sending, from the server application to the client application, a second message in 

8 response to the first message, wherein the second message uses a second pre-existing message 

9 type and requests the client application to re-send the information request from the first message, 

10 and wherein the second message also transmits a description of the encoding scheme proposed by 

11 the server application; 

12 sending, from the client application to the server application, a third message in response 

13 to the second message, wherein the third message uses the first pre-existing message type and re- 

14 sends the information request from the first message, along with zero or more parameters to be 

15 used by the server application in creating the requested information and first security information 

16 for use by the server application in securely establishing the connection, according to the 

17 described encoding scheme; and 

18 sending, from the server application to the client application, a fourth message in 

19 response to the third message, wherein the fourth message uses a third pre-existing message type 

20 and contains the requested information, which has been encrypted using a session key created 

21 using the first security information as an input, and wherein the fourth message further comprises 
22 second security information which was also used as an input when creating the session key, the 
23 second security information encrypted such that it can be decrypted only by the client application. 

1 Claim 68 (previously presented): The method according to Claim 67, wherein the parameters are 

2 encrypted using a public key of the server, according to the described encoding scheme. 
1 Claim 69 (previously presented): The method according to Claim 67, wherein the first security 

2 information comprises a client nonce and the second security information comprises a server 

3 nonce. 
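
The four-message exchange of Claims 67 to 69, simulated in-process as an added example (not code from the application or its authors). The HTTP framing, header names, scheme descriptor, SHA-256 key derivation, RSA-OAEP and AES-256-GCM are assumptions, as is each side already holding the other's public key; the claims name none of these.

```javascript
const crypto = require('crypto');

const rsa = () => crypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
const server = rsa(), client = rsa(); // assumption: public keys are already exchanged

// Assumed derivation: the session key takes both nonces as inputs (Claim 67, Claim 69).
const deriveKey = (cn, sn) => crypto.createHash('sha256').update(cn).update(sn).digest();

function serverHandle(req) {
  if (req.headers['x-propose']) {
    // Message 2: redirect asks for a re-send and describes the proposed scheme.
    return { status: 302, headers: { location: req.url,
      'x-scheme': 'kex=rsa-oaep;kdf=sha256;cipher=aes-256-gcm' } };
  }
  // Message 3 arrived: recover client nonce and parameters with the server private key.
  const blob = crypto.privateDecrypt(server.privateKey, Buffer.from(req.headers['x-sec'], 'base64'));
  const { cn, params } = JSON.parse(blob.toString());
  const sn = crypto.randomBytes(16); // server nonce, the second security information
  const iv = crypto.randomBytes(12);
  const c = crypto.createCipheriv('aes-256-gcm', deriveKey(Buffer.from(cn, 'base64'), sn), iv);
  const body = Buffer.concat([c.update(`report for account ${params.acct}`), c.final()]);
  // Message 4: encrypted content, plus the server nonce readable only by the client.
  return { status: 200, body, headers: {
    'x-sec': crypto.publicEncrypt(client.publicKey, sn).toString('base64'),
    'x-iv': iv.toString('base64'), 'x-tag': c.getAuthTag().toString('base64') } };
}

function clientFetch(url, params) {
  // Message 1: an ordinary GET whose flag signals the server to propose a scheme.
  const m1 = { method: 'GET', url, headers: { 'x-propose': '1' } };
  const m2 = serverHandle(m1);
  const cn = crypto.randomBytes(16); // client nonce, the first security information
  const sec = crypto.publicEncrypt(server.publicKey,
    Buffer.from(JSON.stringify({ cn: cn.toString('base64'), params })));
  // Message 3: the GET is re-sent with parameters and nonce encrypted to the server (Claim 68).
  const m3 = { method: 'GET', url: m2.headers.location,
    headers: { 'x-sec': sec.toString('base64') } };
  const m4 = serverHandle(m3);
  const sn = crypto.privateDecrypt(client.privateKey, Buffer.from(m4.headers['x-sec'], 'base64'));
  const d = crypto.createDecipheriv('aes-256-gcm', deriveKey(cn, sn),
    Buffer.from(m4.headers['x-iv'], 'base64'));
  d.setAuthTag(Buffer.from(m4.headers['x-tag'], 'base64'));
  const text = Buffer.concat([d.update(m4.body), d.final()]).toString();
  return { text, trace: [m1, m2, m3, m4] };
}
```

Neither nonce crosses the wire in the clear, so an observer of all four messages lacks both inputs to the session key.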

1 Claim 70 (currently amended): A system for securely establishing a connection between a client 

2 application and a server application, comprising: 

3 means for sending, from the client application to the server application, a first message 

4 that uses a first pre-existing message type, wherein the first message requests information from 

5 the server application and includes a parameter portion, the parameter portion containing zero or 

6 more parameters that may be used by the server application in creating the requested information; 

7 means for selecting, by the server application responsive to receiving the first message, a 

8 message encoding scheme without using information from, or pre-arranged with, the client 

9 application; 

10 means for using, by the server application, the selected message encoding scheme to 

11 encrypt the requested information that responds to the first message, the requested information 

12 created using zero or more of the zero or more parameters; and 

13 means for sending, from the server application to the client application, a second 

14 message, responsive to receiving the first message, wherein: 

15 the second message uses a second pre-existing message type; 

16 the second message contains the encrypted requested information; and 

17 the second message has security information piggy-backed thereon, the piggy- 
18 backed security information enabling the client application to determine the selected message 

19 encoding scheme, such that the client application can then decrypt the encrypted requested 

20 information, which has been created using zero or more of the zero or more parameters and 

21 which has been encrypted using a session key; 

22 the session key has been created using a server nonce; and 

23 the second message further contains the server nonce, encrypted using a public 

24 key of the client application. 

1 Claim 71 (currently amended): The system according to Claim 70, wherein a client-provided 

2 client nonce is also used when creating the session key, and wherein the client nonce is 

3 transmitted on the first message and is used with a server-provided nonce to create a session key 

4 for input to the selected message encoding scheme in the means for using. 

1 Claim 72 (previously presented): A system for securely establishing a connection between a 

2 client application and a server application, comprising: 

3 means for sending, from the client application to the server application, a first message 

4 that uses a first pre-existing message type, wherein the first message requests information from 

5 the server application and signals the server application to propose an encoding scheme to be 

6 used for securely establishing the connection; 

7 means for sending, from the server application to the client application, a second message 

8 in response to the first message, wherein the second message uses a second pre-existing message 

9 type and requests the client application to re-send the information request from the first message, 
10 and wherein the second message also transmits a description of the encoding scheme proposed by 

11 the server application; 

12 means for sending, from the client application to the server application, a third message in 

13 response to the second message, wherein the third message uses the first pre-existing message 

14 type and re-sends the information request from the first message, along with zero or more 

15 parameters to be used by the server application in creating the requested information and first 

16 security information for use by the server application in securely establishing the connection, 

17 according to the described encoding scheme; and 

18 means for sending, from the server application to the client application, a fourth message 

19 in response to the third message, wherein the fourth message uses a third pre-existing message 
20 type and contains the requested information, which has been encrypted using a session key 

21 created using the first security information as an input, and wherein the fourth message further 
22 comprises second security information which was also used as an input when creating the session 
23 key, the second security information encrypted such that it can be decrypted only by the client 
24 application. 

1 Claim 73 (previously presented): The system according to Claim 72, wherein the parameters are 

2 encrypted using a public key of the server, according to the described encoding scheme. 

1 Claim 74 (previously presented): The system according to Claim 72, wherein the first security 

2 information comprises a client nonce and the second security information comprises a server 

3 nonce. 
1 Claim 75 (currently amended): A computer program product for securely establishing a 

2 connection between a client application and a server application, the computer program product 

3 embodied on one or more computer-readable media and comprising: 

4 computer-readable program code means for sending, from the client application to the 

5 server application, a first message that uses a first pre-existing message type, wherein the first 

6 message requests information from the server application and includes a parameter portion, the 

7 parameter portion containing zero or more parameters that may be used by the server application 

8 in creating the requested information; 

9 computer-readable program code means for selecting, by the server application 

10 responsive to receiving the first message, a message encoding scheme without using information 

11 from, or pre-arranged with, the client application; 

12 computer-readable program code means for using, by the server application, the selected 

13 message encoding scheme to encrypt the requested information that responds to the first 

14 message, the requested information created using zero or more of the zero or more parameters; 

15 and 

16 computer-readable program code means for sending, from the server application to the 

17 client application, a second message, responsive to receiving the first message, wherein: 

18 the second message uses a second pre-existing message type; 

19 the second message contains the encrypted requested information; and 

20 the second message has security information piggy-backed thereon, the piggy- 

21 backed security information enabling the client application to determine the selected message 
22 encoding scheme, such that the client application can then decrypt the encrypted requested 

23 information, which has been created using zero or more of the zero or more parameters and 

24 which has been encrypted using a session key; 

25 the session key has been created using a server nonce; and 

26 the second message further contains the server nonce, encrypted using a public 

27 key of the client application. 

1 Claim 76 (currently amended): The computer program product according to Claim 75, wherein a 

2 client-provided client nonce is also used when creating the session key, and wherein the client 

3 nonce is transmitted on the first message and is used with a server-provided nonce to create a 

4 session key for input to the selected message encoding scheme in the computer-readable program 

5 code means for using. 

1 Claim 77 (previously presented): A computer program product for securely establishing a 

2 connection between a client application and a server application, the computer program product 

3 embodied on one or more computer-readable media and comprising: 

4 computer-readable program code means for sending, from the client application to the 

5 server application, a first message that uses a first pre-existing message type, wherein the first 

6 message requests information from the server application and signals the server application to 

7 propose an encoding scheme to be used for securely establishing the connection; 

8 computer-readable program code means for sending, from the server application to the 

9 client application, a second message in response to the first message, wherein the second 
10 message uses a second pre-existing message type and requests the client application to re-send 

11 the information request from the first message, and wherein the second message also transmits a 

12 description of the encoding scheme proposed by the server application; 

13 computer-readable program code means for sending, from the client application to the 

14 server application, a third message in response to the second message, wherein the third message 

15 uses the first pre-existing message type and re-sends the information request from the first 

16 message, along with zero or more parameters to be used by the server application in creating the 

17 requested information and first security information for use by the server application in securely 

18 establishing the connection, according to the described encoding scheme; and 

19 computer-readable program code means for sending, from the server application to the 

20 client application, a fourth message in response to the third message, wherein the fourth message 
21 uses a third pre-existing message type and contains the requested information, which has been 
22 encrypted using a session key created using the first security information as an input, and wherein 
23 the fourth message further comprises second security information which was also used as an 
24 input when creating the session key, the second security information encrypted such that it can be 
25 decrypted only by the client application. 

1 Claim 78 (previously presented): The computer program product according to Claim 77, wherein 

2 the parameters are encrypted using a public key of the server, according to the described 

3 encoding scheme. 

1 Claim 79 (previously presented): The computer program product according to Claim 77, wherein 
2 the first security information comprises a client nonce and the second security information 

3 comprises a server nonce. 